How to Protect Your Personal Information While Travelling

Whether for business or leisure, checking into a hotel room is second nature for many of us. Hotels do everything they can to make the process as seamless and hassle-free as possible and consequently it’s something that we don’t pay too much attention to. However, it’s important to remain vigilant to ensure that we protect our personal information carefully while travelling.

Similarly to online shopping portals, hotels are seen as a prime target of criminals such as data mongers and identity thieves, due to the wealth of personal data that they possess. Customers’ personal data such as full names, addresses, mobile numbers, credit card numbers and even copies of passport details are stored by hotels for record keeping. In fact, it was reported that Malware has been the ‘weapon’ of choice used by criminals to target hotels[1]. Your personal information can then be used for illegal activities such as

Here are some ways hotel guests can protect themselves:

Avoid leaving confidential data such as photocopies of passport details or NRICs unattended in hotel rooms. Instead, guests should store such documents in a lockable drawer or a safe;

Avoid removing flight luggage tags and throwing them in the hotel room bin as it contains personal information such as names and destination details;

Turn off Bluetooth connectivity as criminals might be able to tap into your mobile device, enabling them to access personal information;

Avoid using unsecured public Wi-Fi connections as they might have been set up by criminals to trick users into connecting to them so they may gain access to their mobile devices;

Business travellers who frequent hotel business centres should always remember to pick up their documents from the printing tray and dispose of all unwanted documents securely;

While hotel guests are responsible for safeguarding their own personal data during their travels, the hoteliers also play an important role in protecting their customers’ data. Hoteliers should implement effective ways to protect their customer’s confidential and personal information against unlawful processing and disclosure. Some examples include:

Appointing a Data Protection Officer within the organisation (mandatory practice under the Personal Data Protection Act (PDPA) in Singapore) to assist in ensuring proper policies and processes for managing personal data are established, enforced and compliant with the PDPA;

Any unused physical copy of customer’s data should be disposed of securely through a Shred-it All Policy;

Partnering with a document destruction expert for secure disposal of any sensitive information (secure shredding of paper documents, hard drives and electronic media).

Fostering a good data protection culture in your organisation and abiding by the Personal Data Protection Actand other data protection best practices, such as secure shredding, will enhance trust and goodwill with existing and potential customers.

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard-drives, please contact us for a free quote and security risk assessment.

ABS CertifiedShred-it has been certified by the Association of Banks in Singapore (ABS) as an approved outsourced service provider. OSPAR (Outsourced Service Provider’s Audit Report) assesses control and governance, and standardises requirements and auditing processes for firms providing services to the financial industry, confirmed by an annual independent audit.

NAID MemberShred-it Singapore is a NAID Member, adhering to the stringent security practices and procedures established by the National Association for Information Destruction.